serious security problem, once this private keys is shared
between "B" employees.
My proposal:
To exist a service that TLS Client implementations consume to make the tasks who
only the certificate private key detainer can do.
Does this proposal make sense?
Regards,
On Mon, Jul 16, 2018 at 3
:50 PM Ted Lemon wrote:
>
> Why do you need to extend tls to do this? Why not just use it for
> encapsulation? What you are describing sounds more like pgp than tls.
>
> On Mon, Jul 16, 2018 at 12:15 PM Walter Neto
> wrote:
>>
>> Hi IETF tls list,
>>
>>
ate a service that generates tokens to third applications
use this service to sign, and encrypt data without the certificate, and
introduce an option in the tls protocol to pass the token and the service
address to use it when don't have local cert files.
Does it make sense?
--
W
